Explains how to combine AWS AgentCore with Agentgateway for secure, identity-aware authentication in AI agent deployments.
A technical guide on implementing Two-Factor Authentication (2FA) using TOTP and QR codes in ASP.NET Core for enhanced security.
A guide to using OpenID Connect and tsidp for centralized authentication in a homelab, replacing passwords for services like Proxmox and Portainer.
A guide to implementing Conditional Access policies for securing Azure Virtual Desktop, covering architecture, policy configuration, and best practices.
Discusses the critical need for secure account recovery workflows when implementing passkeys, highlighting Microsoft Entra's new preview solution.
Troubleshooting guide for fixing the 'browser blocked popup' error when creating a Logic App connection in the Azure Portal.
A practical guide to implementing essential API security best practices in Spring Boot, including HTTPS, JWT authentication, authorization, and rate limiting.
Microsoft fixes Web Account Manager (WAM) authentication issues in Microsoft Graph PowerShell, making it the default login on Windows.
Explores a novel, anonymous web login system using secret keys instead of email or social logins, highlighting its trade-offs.
Microsoft introduces cloud-only Kerberos authentication for Azure Files using Entra ID, eliminating the need for traditional domain controllers.
A developer details a frustrating bug in GitHub's 2FA system that prevents removing SMS authentication without adding an authenticator app first.
Analyzes the pros and cons of renaming the built-in SQL Server 'sa' account as a security measure against brute-force attacks.
A technical guide on disabling the sign-up option in a Microsoft Entra External ID user flow using the Microsoft Graph Beta API and PowerShell.
Explains how to implement secure cookie-based authentication in an Angular frontend, comparing it to the Authorization Code flow with PKCE.
A developer built a unified task dashboard using Next.js, Vercel Edge Functions, and live API calls to aggregate data from ClickUp, Notion, and Google Calendar.
Argues against using API keys for securing enterprise AI tools like LLMs and agents, highlighting security flaws and recommending better alternatives.
Explains methods to restrict access to action methods in ASP.NET Core MVC using filters and the Authorize attribute.
A guide on using GitHub Actions to securely checkout a specific branch from a private repository, enabling reusable components in CI/CD workflows.
Explains how to forward authenticated user requests from a .NET BFF to a downstream API using YARP and OAuth 2.0 token exchange.
Explores the emerging security research landscape around the Model Context Protocol (MCP), a new standard for AI model communication.
